directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <>
Subject [replication] Master slave replication will not suffice
Date Thu, 24 Feb 2005 01:15:46 GMT

I was thinking about replication earlier today.  I was hoping we can 
quickly implement master slave replication by piggy backing on a JMS 
implementation like ActiveMQ.  It quickly occured to me however that 
there is no way we can utilize a master slave rep. configuration without 
loosing all the benefits of having embedded services like Kerberos, DNS, 
DHCP etc.

The reasoning behind this has to do with the way master-slave rep. 
works.  Basically there is one master and all other servers are slaves 
a.k.a. replicas.  A request to modify a replica returns an error 
indicating the replica is not writable along with a referral to the 
master.  I forget the exact LDAP result code returned.  The client would 
then contact the master for the alteration what ever it may be.  The 
master makes the change and propagates it to the replicas usually using 
a special replication user that bypasses certain checks.

Here's the problem: with a master slave setup an embedded inet service 
like Kerberos will have to contact the master of the system to make 
alterations on all replicas for any alterations to the DIT!  This 
defeats the entire purpose of embedding the service in the first place 
and limits the HA yeild from replication.

So what we need is multimaster replication.  This is an order of 
magnitude more complex than master slave replication.


View raw message